- From: GALINDO Virginie <Virginie.GALINDO@gemalto.com>
- Date: Mon, 20 Jan 2014 14:39:52 +0100
- To: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>
- CC: "public-webcrypto@w3.org" <public-webcrypto@w3.org>
- Message-ID: <239D7A53E5B17B4BB20795A7977613A401E2D39360CB@CROEXCFWP04.gemalto.com>
Vijay and all, Let's close ISSUE-36. Lets see where does that password concern comes from. At a first glance I do not see any bug related to that problem (if any). Virginie From: Vijay Bharadwaj [mailto:Vijay.Bharadwaj@microsoft.com] Sent: mardi 14 janvier 2014 18:39 To: GALINDO Virginie Cc: public-webcrypto@w3.org Subject: RE: W3C Web Crypto WG - progressing on ISSUE-36 I think you are referring to the email where I raised these two issues: 1. I am leery of the password parameter in the AlgorithmIdentifier for PBKDF2. This is key material and I think we should be very careful about putting key material in identifiers. As mentioned in the other thread I would prefer something like importKey to create a Key here. ==> I don't recall the discussion we had about this and I can't find the Shenzhen minutes. Does anyone else remember? 2. For deriveKey and generateKey, I am not sure I understand the algorithm descriptions. Nowhere does either description say that these methods should construct and return a Key object. Shouldn't the penultimate step be something like "Let keyMaterial be the result of executing the key generation algorithm defined by the algorithm indicated in normalizedAlgorithm, and result be a Key object obtained by executing the importKey procedure with format set to "raw", keyData set to keyMaterial, and algorithm to derivedKeyType"? ==> This was addressed on the call - the data types of the return values are in the algorithm-specific sections. So consider this resolved. From: GALINDO Virginie [mailto:Virginie.GALINDO@gemalto.com] Sent: Thursday, January 9, 2014 9:58 AM To: Vijay Bharadwaj Cc: public-webcrypto@w3.org<mailto:public-webcrypto@w3.org> Subject: W3C Web Crypto WG - progressing on ISSUE-36 Hi Vijay, In order to progress on the ISSUE-36 [1], can you confirm that you are happy with the derivebits recent proposal ? Your last mail related to it raised some issue, did you transform it into bugs ? Here again, I am trying to define if the ISSUE-36 and/or ACTION-127 can be closed. Regards, Virginie [1] http://www.w3.org/2012/webcrypto/track/issues/36 ________________________________ This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus ________________________________ This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited. E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender. Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
Received on Monday, 20 January 2014 13:40:22 UTC